In the data storage and server industry, an effort is being made by manufacturers to offer more reliable data storage and server products. Such efforts include the provision of 24×7×365 support services aimed to minimize any customer down time that may result from error(s), including but not limited to a product system, product component, or product software errors, or, minimize any repair action that results from the error. One system feature, referred to as “Call Home”, is a fault reporting and remote dial-out diagnostic service feature that has been available in many server products (e.g., entry, midrange, high-end, mainframe, etc.) and data storage products. Such Call Home feature is preferably built into the server and/or data storage product and devised to automatically contact a remote customer repair facility in the event that some error has occurred. One particular product that is provided with the Call Home feature is an automated storage library, such as the IBM 3584 Ultra Scalable Tape Library which is a system designed for cost-effectively handling a wide range of data storage services including backup, archive, and disaster recovery data storage needs.
FIG. 1 illustrates an exemplary automated storage library 100 having the built in Call Home feature. As shown in FIG. 1, the automated storage library 100 includes one or more storage drives 106, storage bins 109, and, a robotic picker including gripper mechanisms 108 for moving removable media (e.g., tape) between the storage drives 106 and storage bins 109. The Call Home feature is provided to automatically contact a remote customer repair facility in the event that some error has occurred. Any communication between a host system 102 and the automated storage library 100 may occur over a communications network 104, such as a POTS, Internet, or the like. For example, the Call Home feature may automatically contact a repair facility through a dial-up MODEM 112 over communications link 115, the Internet, or some other communication mechanism. Generally, a Call Home record is generated that includes detailed information about the error and any related information, such as diagnostic logs, etc. In some instances, however, more information is required by the repair center because it may not be practical to anticipate every piece of information that may be needed in the Call Home record. For example, product center personnel may wish to inspect certain areas of product memory that were not reported in the Call Home record. In such cases, the repair center may use another feature such as Call In, which is a feature that permits repair personnel to contact the storage product from a remote location. As with Call Home, this communication may be established with a dial-up MODEM, the Internet, or some other communication media/mechanism. The Call In feature further allows for the diagnosis of problems without actually going to the customer site. This can save a great deal of time because a visit to the customer site does not have to be scheduled and there is no travel time associated with such activity.
While a beneficial support feature, the Call In function has a drawback in the area of logon security and, particularly, the use of fixed passwords. With the current call in function, unauthorized access to a customer machine is possible which could lead to a number of undesirable consequences including intentional or unintentional disruption of customer services. For example, a repair person of a prior art repair center that had performed a diagnostic/support service and had access to the customer's fixed password in the performance of the service, may be enabled to subsequently gain unauthorized access to that customer's system. Related art methods have not adequately addressed the issue of logon security where there is a need to authorize limited repair center access to a customer machine. Thus, for example, a password that is initially shared between the access grantor and the access requester is more easily detected by unauthorized surveillance and therefore remains a logon security risk. The prior art simply has a need for a more secure logon, i.e., access method that is dynamic and unpredictable.